DESCRIPTION OF THE PROBLEM: There appears to be a bug in the isCookieValid method of HelloCookieManager that can lead to improper cookie validation results after a new cookieSecret is generated. The cookie version (cookieVersion) is initialized with a random number and increments with each cookie, regenerating the secret every 0xFFFFFF cookies.
When cookieVersion is negative, the expression ((cookieVersion >> 24) & 0xFF) results in an integer that does not match the signed byte value in cookie[0], causing the else clause to be executed incorrectly. This leads to the use of legacySecret even for valid cookies. ------------- Commit messages: - 8360539: DTLS handshakes fails due to improper cookie validation logic Changes: https://git.openjdk.org/jdk/pull/26006/files Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=26006&range=00 Issue: https://bugs.openjdk.org/browse/JDK-8360539 Stats: 2 lines in 1 file changed: 0 ins; 0 del; 2 mod Patch: https://git.openjdk.org/jdk/pull/26006.diff Fetch: git fetch https://git.openjdk.org/jdk.git pull/26006/head:pull/26006 PR: https://git.openjdk.org/jdk/pull/26006
